Friday, 31 March 2017

Last year, the developers behind Google’s Chrome browser began taking steps designed to protect users and encourage companies to use HTTPS.

But now, potentially millions of websites that use SSL certificates issued by Symantec and affiliated resellers could find that their certificates are effectively worthless as far as Chrome is concerned, after a member of the Chrome team published a proposal that would make them untrusted over the next 12 months.

The reason? According to the Google Chrome team, Symantec has not properly validated thousands of certificates. In fact, the Chrome team claims that “an initial set of reportedly 127 [misissued] certificates has expanded to include at least 30,000 [misissued] certificates, issued over a period spanning several years.”

Ryan Sleevi, the Chrome team member who wrote the announcement, elaborated,

“This is also coupled with a series of failures following the previous set of misissued certificates from Symantec, causing us to no longer have confidence in the certificate issuance policies and practices of Symantec over the past several years.”

Under the proposal he put forth, the accepted validity period of newly-issued Symantec to nine months or less, and an “incremental distrust” of currently-trusted certificates and removal of recognition of Extended Validation status of Symantec-issued certificates.

A nightmare scenario?

Symantec is the currently the largest Certificate Authority (CA) and by some estimates, has issued a third of the SSL certificates in use on the web.

So if the Google Chrome team moves forward with its proposal, it will have a huge impact on Symantec and its customers. Symantec would have to reissue potentially millions of certificates, creating a huge headache for customers, who would have to go through the validation process and install replacement certificates.

These certificates, which require companies to provide greater verification that they are who they say they are, are often used by companies running websites that absolutely need to use HTTPS, such as those that handle payments and financial transactions.

Extended Validation certificates are more costly, and one of the justifications for the greater cost is the fact that most browsers display indicators for websites that use them. If those indicators go away, it could theoretically harm companies that have relied on these indicators to signal trust to their users.

Not surprisingly, given the gravity of the situation, Symantec is disputing the Chrome team’s claims about certificate misissuances. In a response, it called the Chrome team’s proposal “irresponsible” and said the allegations leveled at it are “exaggerated and misleading.”

Symantec is open to working with the Google Chrome team and while it’s reasonable to hope that both parties will identify a satisfactory resolution that averts disruption, companies with certificates issued by Symantec will want to monitor the situation as it develops.

Welcome to our weekly round-up of all the latest news and research from the world of search marketing and beyond.

This week, the Google SERP has got a bit more interactive with the addition of rich results for podcasts, and a new study has found that marketers are still failing to use advanced search tactics in their campaigns.

Plus, Google has launched a new website to bring all of its open-source projects under one umbrella, and an unlikely partnership has arisen between Google and Chinese search giant Baidu to bring faster mobile web pages to a wider user base.

Google adds rich results for podcasts to the SERP

Google has stealthily launched some new guidelines for structured data on its Developers blog, to bring rich results for podcasts to the SERP.

At the moment the new feature is only available via Google Home (where you can use voice activation to start up a podcast) or in the Google Search app v6.5 or higher on Android, but Google hopes to soon add support for Chrome on Android.

Google’s blog provided a sample image for how this will look in practice:

Study: Marketers still aren’t using advanced search tactics

Those of us who keep close tabs on search innovation and strategy – or comment on it – are probably familiar with search tactics like retargeting lists for search ads (RLSA), voice search optimization, ad extensions in paid search listings, and schema markup. We know how to use them, and the benefits that they bring to ROI and visibility.

But a study by Bing and search agency Catalyst has revealed that among marketers as a whole, very few still are making use of advanced search tactics like these in their campaigns.

When asked which of a range of tactics their company used or was planning to use in 2016, only 34% of marketers reported using ad extensions; 30% said they used Product Listing Ads (PLAs); and 28% used retargeting lists for search ads (RLSA).

Just 28% of respondents reported using voice search optimization, 27% said they used sitelinks, and a dismal 17% reported using schema markup.

The new ad product is named, unsurprisingly, Ads on Periscope, and is an expansion of Twitter’s existing Amplify ad product. The Periscope ads are expected to share revenue with content creators in the same 70/30 split as Amplify ads.

showcases the breadth and depth of our love for open source. It will contain the expected things: our programs, organizations we support, and a comprehensive list of open source projects we’ve released. But it also contains something unexpected: a look under the hood at how we “do” open source.

The site contains the source code for Google’s Accelerated Mobile Pages Project official website, as well as the source code for its Android mobile OS, the Chromium web browser, its Tesseract Optical Character Recognition engine, and hundreds of other Google projects, both well-known and obscure.

While Google has always made the code for these projects available on GitHub and its self-hosted git service (this being the nature of open source), this is the first time users have been able to browse them from a central location, and is sure to provide Google enthusiasts with plenty of cool material to scour.

Baidu is working hand-in-hand with Google to accelerate the mobile web

And speaking of Accelerated Mobile Pages (AMP), an unlikely partnership has arisen in the world of search, as Baidu and Google confirmed that they are teaming up to bring a faster mobile web to a wider user base.

Google has a rocky history with China. It has had a presence in the country since 2005, but in 2010 decided to stop censoring its searches in accordance with Chinese law in response to a Chinese-originated hacking attack on itself and a number of other US tech companies, redirecting the searches instead to its Hong Kong search engine. Access to Google’s search engine and services has been blocked by the Chinese government on a number of occasions.

In the wake of this, native Chinese search engine Baidu overtook Google as the main search provider in China, and now enjoys around 80% of the Chinese search market, while Google China only has about 10%. But the two have evidently agreed to set aside their rivalry in order to pursue a higher goal: accelerating the mobile web.

At Google’s first AMP conference in New York, Baidu’s Gao Lei announced Mobile Instant Pages (Chinese-language link), or MIP, Baidu’s answer to Accelerated Mobile Pages. Hermas Ma reported on Search Engine Land that MIP has very similar technology to AMP, the main difference being that MIP are optimized for the Chinese internet.

Mobile Instant Pages can reportedly reduce the rendering of above-the-fold content by 30 to 80 percent, and Baidu has been considering giving MIP a ranking advantage in search results (something which AMP doesn’t yet have).

Ma also notes that the AMP Project website now loads in mainland China where it didn’t before, further pointing to a burying of the hatchet between Google and its Chinese counterpart.

Have we forgotten about WOMM?

The problem is that for the last few years, marketers have been focused on ‘collecting’ instead of ‘connecting.’ In other words, brands are too caught up in collecting social media fans and they are forgetting to actually connect with them.

I think this really hits the nail on the head.

Many marketers (myself included) are guilty of it to some extent.

I feel we’ve gotten so caught up in the latest and greatest marketing techniques that we sometimes forget about what good business is founded on in the first place: relationships.

Before there was social media, SEO, PPC, or even radio/TV commercials, most businesses gained new customers from old school person-to-person recommendations.

But it’s never too late to cash in on WOMM.

However, it does require a slightly different approach from the one used in the past.

The great thing is there are some really potent resources and platforms out there to streamline WOMM and maximize its impact.

I’d now like to discuss some fundamental tactics you can use to make your digital business explode using WOMM in the modern age.

Focus on your core audience, not the masses

The first step to making this strategy work is to understand who your core audience is.

Search and social don’t have to live in separate silos. Contributor Caitlin Jeansonne recaps SMX West sessions that looked at how SEO and social media teams can complement each other to provide stronger results.